Rekeying for encrypted deduplication storage
Refereed conference paper presented and published in conference proceedings

Times Cited
Altmetrics Information

Other information
AbstractRekeying refers to an operation of replacing an existing key with a new key for encryption. It renews security protection, so as to protect against key compromise and enable dynamic access control in cryptographic storage. However, it is non-trivial to realize efficient rekeying in encrypted deduplication storage systems, which use deterministic content-derived encryption keys to allow deduplication on ciphertexts. We design and implement REED, a rekeying-aware encrypted deduplication storage system. REED builds on a deterministic version of all-or-nothing transform (AONT), such that it enables secure and lightweight rekeying, while preserving the deduplication capability. We propose two REED encryption schemes that trade between performance and security, and extend REED for dynamic access control. We implement a REED prototype with various performance optimization techniques. Our trace-driven testbed evaluation shows that our REED prototype maintains high performance and storage efficiency.
All Author(s) ListLi J., Qin C., Lee P.P.C., Li Z.
Name of Conference46th IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2016
Start Date of Conference28/06/2016
End Date of Conference01/07/2016
Place of ConferenceToulouse
Country/Region of ConferenceFrance
Detailed descriptionorganized by IEEE/IFIP,
Pages618 - 629
LanguagesEnglish-United Kingdom

Last updated on 2020-08-08 at 23:12